CVE-2025-12945

EUVD-2025-202284
A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. 



This issue affects R7000P: through 1.3.3.154.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
netgearr7000p_firmware
𝑥
≤ 1.3.3.154
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://kb.netgear.com/000070416/December-2025-NETGEAR-Security-Advisory
https://www.netgear.com/support/product/r7000p